CVE Catalog

CVE-2026-11420

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.74%

50th percentile — higher than 50% of all known CVEs

Summary

Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server.

Risk Assessment

Exploitation of these vulnerabilities can lead to remote code execution in the context of the service account and disclosure of deployment package contents, posing a serious security threat to the organization.

Recommendation

It is recommended to immediately update the Altium Enterprise Server to the latest version to mitigate these vulnerabilities and restrict access to the NIS only to trusted users.

Original NVD description (English source)

Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session, or credentials are required. Because content-controlled files can be written to web-accessible directories, or used to overwrite application binaries or configuration files, exploitation can be escalated to remote code execution in the context of the service account, and can disclose deployment package contents. Altium 365 cloud deployments are not affected, as the Network Installation Service is not part of the cloud offering.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS